The present invention relates generally to authentication of user computers, and more specifically to authentication of a user computer, which is connectable to a mobile network, to a verifier server in the vicinity of the user computer.
There are many scenarios when a user computer may be used to authenticate to a verifier server in the same vicinity. For example, a user computer such as a mobile phone, tablet, personal digital assistant (PDA), etc., may store information which can be used to gain access to a product, a service or other resource on presentation of the information to the verifier server. A verifier server is a trusted source such as a bank, a credit service, a company server or other similar trusted computing resource or device which can verify or authenticate data related to a user, the user computer, and a transaction occurring. The user computer or mobile phone may contain, for example, information such as credit card details or mobile payment data used for purchasing goods or services at a point-of-sale device. In another example, the user computer may include user identification providing access to a building or other facility based on the user identification or user authorization data stored in the user computer.
However, in some cases, the user computer or smart phone might be infected by malware. Malware can capture the stored information and use it to authenticate a different user computer in some situations. Authentication information stored on a mobile phone, for instance, could be sent by malware to a malicious party and then used to obtain goods or services elsewhere in the user's name.